VID | 19022 |
Severity | 40 |
Port | 53 |
Protocol | UDP |
Class | DNS |
Detailed Description |
According to its self-reported version number, the remote installation of BIND is affected by multiple vulnerabilities:
- Failure to clear existing RRSIG records when a NO DATA is negatively cached could cause subsequent lookups to crash named. (CVE-2010-3613)
- Named, when acting as a DNSSEC validating resolver, could incorrectly mark zone data as insecure when the zone being queried is undergoing a key algorithm rollover. (CVE-2010-3614)
- Using 'allow-query' in the 'options' or 'view' statements to restrict access to authoritative zones has no effect. (CVE-2010-3615)
* Note: This check relied solely on the banner of the remote DNS server to assess this vulnerability, so this might be a false positive.
* References:
  - ftp://ftp.isc.org/isc/bind9/9.4-ESV-R4/RELEASE-NOTES-BIND-9.4-ESV-R4.html
  - ftp://ftp.isc.org/isc/bind9/9.6.2-P3/RELEASE-NOTES-BIND-9.6.2-P3.html
  - ftp://ftp.isc.org/isc/bind9/9.6-ESV-R3/RELEASE-NOTES-BIND-9.6-ESV-R3.html
  - ftp://ftp.isc.org/isc/bind9/9.7.2-P3/RELEASE-NOTES-BIND-9.7.2-P3.html
  - https://www.isc.org/software/bind/advisories/cve-2010-3613
  - https://www.isc.org/software/bind/advisories/cve-2010-3614
  - https://www.isc.org/software/bind/advisories/cve-2010-3615
* Platforms Affected:
  - Internet Software Consortium, BIND version 9.4-ESV < 9.4-ESV-R4
  - Internet Software Consortium, BIND version 9.6.2 < 9.6.2-P3
  - Internet Software Consortium, BIND version 9.6-ESV < 9.6-ESV-R3
  - Internet Software Consortium, BIND version 9.7.x < 9.7.2-P3
  - Any operating system Any version |
Recommendation | Upgrade to the latest version of BIND (9.4-ESV-R4, 9.6.2-P3, 9.6-ESV-R3, 9.7.2-P3 or later), available from the Internet Software Consortium (ISC) Web site at http://www.isc.org/products/BIND/ |
Related URL | CVE-2010-3613, CVE-2010-3614, CVE-2010-3615 (CVE) |
Related URL | 45133, 45134, 45137 (SecurityFocus) |
Related URL | (ISS) |